<p class="title">Scientists have developed a new anti-hacker system, which rather than simply blocking an intruder, deploys an alternative reality - feeding the attacker with false data.</p>.<p class="bodytext">The High-fidelity Adaptive Deception & Emulation System (HADES), developed by researchers at Sandia National Laboratories in the US, feeds a hacker not what he needs to know but what he wants to believe.</p>.<p class="bodytext">"Simply kicking a hacker out is next to useless. The hacker has asymmetry on his side; we have to guard a hundred possible entry points and a hacker only needs to penetrate one to get in," said Vince Urias, Sandia National Laboratories.</p>.<p class="bodytext">Rather than being summarily removed from a data source, a discovered hacker is led unobtrusively into HADES, where cloned virtual hard drives, memory and data sets create a simulation very much like the reality.</p>.<p class="bodytext">However, certain artifacts have been deliberately, but not obviously, altered.</p>.<p class="bodytext">"So, a hacker may report to his handler that he or she has cracked our system and will be sending back reports on what we're doing," Urias said.</p>.<p class="bodytext">"They may have received a year or so of false information before realising something is wrong. A hacker informing his boss that he's discovered a problem doesn't do his reputation much good, he's discredited," he said.</p>.<p class="bodytext">"And then the adversary must check all data obtained from us because they don't know when we started falsifying," he added.</p>.<p class="bodytext">Furthermore, when a hacker finally puzzles out something is wrong, he must display his toolkit as he tries to discern truth from fiction.</p>.<p class="bodytext">"It used to be that technologically we couldn't move a visitor to a different reality without them knowing but there's been a radical change in networking in the last 10 to 15 years, from hardware to software," said Urias.</p>.<p class="bodytext">"With the ephemerality of the network fabric, I can change realities without a hacker knowing," he said.</p>.<p class="bodytext">HADES can operate in multiple modes from a small organisation without resources to a large company, researchers said.</p>.<p class="bodytext">Like any technique, HADES has its limitations. While the simplest deceptive environment can be done on a small private computer, environments of greater fidelity require more CPU and memory resources and may thereby reduce the number of virtual environments deployable on a single server.</p>.<p class="bodytext">The technique has allowed the researchers to locate malware an adversary has placed in a system, and is capable of active attack.</p>
<p class="title">Scientists have developed a new anti-hacker system, which rather than simply blocking an intruder, deploys an alternative reality - feeding the attacker with false data.</p>.<p class="bodytext">The High-fidelity Adaptive Deception & Emulation System (HADES), developed by researchers at Sandia National Laboratories in the US, feeds a hacker not what he needs to know but what he wants to believe.</p>.<p class="bodytext">"Simply kicking a hacker out is next to useless. The hacker has asymmetry on his side; we have to guard a hundred possible entry points and a hacker only needs to penetrate one to get in," said Vince Urias, Sandia National Laboratories.</p>.<p class="bodytext">Rather than being summarily removed from a data source, a discovered hacker is led unobtrusively into HADES, where cloned virtual hard drives, memory and data sets create a simulation very much like the reality.</p>.<p class="bodytext">However, certain artifacts have been deliberately, but not obviously, altered.</p>.<p class="bodytext">"So, a hacker may report to his handler that he or she has cracked our system and will be sending back reports on what we're doing," Urias said.</p>.<p class="bodytext">"They may have received a year or so of false information before realising something is wrong. A hacker informing his boss that he's discovered a problem doesn't do his reputation much good, he's discredited," he said.</p>.<p class="bodytext">"And then the adversary must check all data obtained from us because they don't know when we started falsifying," he added.</p>.<p class="bodytext">Furthermore, when a hacker finally puzzles out something is wrong, he must display his toolkit as he tries to discern truth from fiction.</p>.<p class="bodytext">"It used to be that technologically we couldn't move a visitor to a different reality without them knowing but there's been a radical change in networking in the last 10 to 15 years, from hardware to software," said Urias.</p>.<p class="bodytext">"With the ephemerality of the network fabric, I can change realities without a hacker knowing," he said.</p>.<p class="bodytext">HADES can operate in multiple modes from a small organisation without resources to a large company, researchers said.</p>.<p class="bodytext">Like any technique, HADES has its limitations. While the simplest deceptive environment can be done on a small private computer, environments of greater fidelity require more CPU and memory resources and may thereby reduce the number of virtual environments deployable on a single server.</p>.<p class="bodytext">The technique has allowed the researchers to locate malware an adversary has placed in a system, and is capable of active attack.</p>